Organizations acknowledge encryption as “critical” but remain deterred by complexity

Email encryption is a “critical” or “very important” business priority for 53 per cent of organizations, despite only being used “extensively” by 40 percent of organizations. The findings, published in a market research survey on behalf of Echoworx by Osterman Research, suggest the technology’s stock among business leaders is increasing, but perception issues over ease of use still remain.

The study, titled “Enterprise Encryption and Authentication Usage: A Survey Report”, polled the views of almost 165 IT decision makers and influencers, managing on average 14,000 email users per organization, to assess the adoption of encryption in the context of email, file sharing and other communication modes used to share sensitive and confidential records. More than half of the respondents (53 per cent) considered email encryption a priority, up almost 10 per cent on 2015.

However, the findings also revealed that encryption is not used as often as it should be. Only two in five (40 per cent) organizations reported “extensive” use of encryption. When asked what the barriers are preventing more widespread use of the technology, more than half (53%) of respondents said “asking too much of the email recipients”, indicating that ease of use for both senders and receivers is still a major issue for businesses.

“Despite the importance of encryption and the benefits it offers, there is still the common misconception that the technology is suited for only the technically savvy”, said Jacob Ginsberg, Senior Director at Echoworx. “The challenge in the security industry today is that despite the ever more complex threat vector, solutions must remain dead simple to use. Human nature is to look for the easiest path to accomplish a task, and that path also must be the most secure. Creating more efficient, easy-to-use, cloud-based encryption systems will help drive adoption forward.”

With the GDPR deadline less than 18 months away, encryption is a key technology that will enable organizations to comply with the regulations and avoid heavy financial penalties. However, one third (33 per cent) of the respondents said that their plans to extend data protection using encryption will occur in “over one year’s time”, leaving little time to spare.

“Encryption is one of the most important technologies that organizations can deploy in order to comply with GDPR”, continued Ginsberg. “With the increasing number of data breaches, an encryption policy that spans a wide range of applications and purposes will go a long way to safeguarding organizations’ data and that of its stakeholders.”